Cisco Cisco Content Security Management Appliance M1070 Guía Del Usuario
5-44
AsyncOS 9.5.x for Cisco Content Security Management Appliances User Guide
Chapter 5 Using Centralized Web Reporting and Tracking
Web Tracking
Searching for Transactions Processed by the L4 Traffic Monitor
The L4 Traffic Monitor tab on the Web > Reporting > Web Tracking page provides details about
connections to malware sites and ports. You can search for connections to malware sites by the following
types of information:
connections to malware sites and ports. You can search for connections to malware sites by the following
types of information:
•
Time range
•
IP address of the machine that initiated the transaction (IPv4 or IPv6)
•
Domain or IP address of the destination website (IPv4 or IPv6)
•
Port
•
IP address associated with a computer in your organization
•
Connection type
•
The Web Security appliance that processed the connection
The first 1000 matching search results are displayed.
To view the hostname at the questionable site or the Web Security appliance that processed the
transaction, click the Display Details link in the Destination IP Address column heading.
transaction, click the Display Details link in the Destination IP Address column heading.
For more information about how you can use this information, see
.
Related Topics
•
Other Malware
This category is used to catch all other malware and suspicious behavior that
does not exactly fit in one of the other defined categories.
does not exactly fit in one of the other defined categories.
Phishing URL
A phishing URL is displayed in the browser address bar. In some cases, it
involves the use of domain names and resembles those of legitimate domains.
involves the use of domain names and resembles those of legitimate domains.
PUA
Potentially Unwanted Application. A PUA is an application that is not
malicious, but may be considered to be undesirable.
malicious, but may be considered to be undesirable.
System Monitor
A system monitor encompasses any software that performs one of the
following:
following:
•
Overtly or covertly records system processes and/or user action.
•
Makes those records available for retrieval and review at a later time.
Trojan Downloader
A trojan downloader is a Trojan that, after installation, contacts a remote
host/site and installs packages or affiliates from the remote host.
host/site and installs packages or affiliates from the remote host.
Trojan Horse
A trojan horse is a destructive program that masquerades as a benign
application. Unlike viruses, Trojan horses do not replicate themselves.
application. Unlike viruses, Trojan horses do not replicate themselves.
Trojan Phisher
A trojan phisher may sit on an infected computer waiting for a specific web page
to be visited or may scan the infected machine looking for user names and
passwords.
to be visited or may scan the infected machine looking for user names and
passwords.
Virus
A virus is a program or piece of code that is loaded onto your computer without
your knowledge.
your knowledge.
Worm
A worm is program or algorithm that replicates itself over a computer network
and performs malicious actions.
and performs malicious actions.
Malware Type
Description